The UK has been the greatest target of advanced cyber attacks in Europe, the Middle East or Africa (Emea) in the first half of 2014, according to a report.

Download this free guide

The importance of web security

Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.

APTs refer to cyber attacks in which unauthorised parties gain access to a network and stay there undetected for a long time.

APT attacks typically involve complex malware designed to steal data from organisations in sectors with high-value information such as national defence, manufacturing and finance.

Germany was the second most targeted country in the Emea region (12%), followed by Saudi Arabia (10%), Turkey (9%) and Switzerland (8%).

At the lower end of the ranking were France (4%), Sweden (4%) and Spain (3%).

Report recommendations

Assume your organisation is a target and that existing security controls can be bypassed.

Establish a cyber-risk framework that enables the business with board-level sponsorship.

Establish an incident response/management service to detect and react to an APT event quickly.

Enhance your visibility with external threat intelligence to understand who might attack you and how to avoid the tools, techniques and procedures they use.

Bring in technology that could identify an APT.

“Motivated by numerous objectives, threat actors are evolving the level of sophistication to steal personal data and business strategies, gain a competitive advantage or degrade operational reliability,” the report said.

The data was drawn from anonymised customers using FireEye’s Threat Prevention Platform, which is designed to provide real-time, dynamic threat protection without the use of signatures.

The data showed the number of unique infections associated specifically with targeted attacks nearly doubled in the Emea region in the first half of 2014.

Government, financial services and telecommunications were the most highly targeted sectors, representing more than 50% of APTs detected in the region. The energy sector was also a top target.

“Advanced attacks are the new reality for business and government,” said Richard Turner, regional vice-president at FireEye.

“By preparing an effective defensive strategy, organisations can avoid the risk of sitting on the sidelines as their data and intellectual property find their way to competitors, adversaries or hacktivists," he said.

Attackers are targeting high-value organisations and are making their way in. The high number of APT events suggests a large level of information theft

FireEye

APTs most often start with advanced email attacks such as spear phishing to trick recipients into clicking on a malicious link that gives the attacker control of the recipient’s PC or device, according to Mark Sparshott, regional director at Proofpoint.

“This report correlates with Proofpoint's research in early September which found that unsolicited email destined for recipients in the UK is proportionally almost three times more likely to contain a malicious link than in the US, Germany or France,” he said.

The FireEye report said the evidence demonstrates that organisations in the region continue to be targets for advanced threats.

“Attackers are targeting high-value organisations and are making their way in. The high number of APT events suggests a large level of information theft,” the report said.

The PwC report noted that UK firms are falling behind in identifying breaches, with more than 22% of UK companies surveyed admitting they failed to detect any security incidents in the past year, compared with only 16% globally and 18% in Europe.

The UK government has identified cyber attacks as a top threat to national security and, as part of a raft of initiatives to increase cyber defences, has mandated a minimum security standard for suppliers.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy